Introducing BOLOS: Blockchain Open Ledger Operating System

We’re pleased to introduce our new operating system, designed by our firmware team and drawing on the experience of powering millions of embedded Secure Elements in our past ventures: the Blockchain Open Ledger Operating System, also known as BOLOS.

BOLOS represents a major change compared to what the smartcard industry offers today: it puts developers in the driving seat, providing an unobtrusive framework to build source-code-portable native applications around a secure core, protecting the core against attacks from applications, and isolating applications from each other without getting in the way (hence the French pun).

BOLOS is our way of turning Bitcoin Hardware Wallets into Individual Security Devices: users can review and install third-party applications that add new privacy features on top of their own common set of cryptographic material, without exposing that material.

We’ll be publishing a set of articles in the coming weeks describing the architecture in more technical detail and providing tutorials for developers.

BOLOS implementation on Ledger Blue

Ledger Blue features our very first native implementation of BOLOS. Isolation is natively provided by ARM Memory Protection Unit and Operating Modes — each application can only access its own memory region, and operates in User mode, interacting with the Operating System running in Supervisor mode.

This isolation mechanism will be available both on the Secure Element of Ledger Blue and on its non-secure MCU, with an Open Source implementation provided for the non-secure MCU, as we would like to encourage new designs to use ARM MCUs leveraging those protection mechanisms (such as the STM32L0 line from ST Microelectronics).
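
To make the isolation rule above concrete, here is an added example (not Ledger's code) that models how an ARMv6-M/ARMv7-M style MPU decides whether an access faults. The region layout, addresses and the helper names `mpu_check`, `app_can` and `os_can` are assumptions made for illustration; "User" and "Supervisor" correspond to unprivileged and privileged execution.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

/* Simplified software model of an MPU lookup. Constructed layout, not BOLOS's map. */
typedef struct {
    bool     enabled;
    uint32_t base;      /* must be aligned to the region size */
    uint8_t  size_log2; /* region covers 2^size_log2 bytes (5..31 here) */
    uint8_t  ap;        /* access permission field AP[2:0] */
} mpu_region;

/* Decode AP[2:0] for one access. */
static bool ap_allows(uint8_t ap, bool privileged, bool write) {
    switch (ap) {
    case 1:  return privileged;            /* privileged RW, user none */
    case 2:  return privileged || !write;  /* privileged RW, user RO   */
    case 3:  return true;                  /* full access              */
    case 5:  return privileged && !write;  /* privileged RO, user none */
    case 6: case 7: return !write;         /* read-only for both       */
    default: return false;                 /* 0 and reserved: no access */
    }
}

/* true = access permitted, false = fault. The highest-numbered matching
 * region wins; with no match, only privileged code may use the default
 * memory map, and only when PRIVDEFENA is set. */
bool mpu_check(const mpu_region *r, int n, bool privdefena,
               uint32_t addr, bool privileged, bool write) {
    for (int i = n - 1; i >= 0; i--) {
        uint32_t mask = ~((1u << r[i].size_log2) - 1u);
        if (r[i].enabled && (addr & mask) == r[i].base)
            return ap_allows(r[i].ap, privileged, write);
    }
    return privileged && privdefena;
}

/* Region 0: 16 KiB of RAM for the OS. Region 1: 4 KiB app window over it. */
static const mpu_region layout[] = {
    { true, 0x20000000u, 14, 1 },
    { true, 0x20002000u, 12, 3 },
};
bool app_can(uint32_t a, bool w) { return mpu_check(layout, 2, true, a, false, w); }
bool os_can(uint32_t a, bool w)  { return mpu_check(layout, 2, true, a, true, w); }

int main(void) {
    printf("app writes its window: %d\n", app_can(0x20002010u, true));
    printf("app reads OS RAM:      %d\n", app_can(0x20000100u, false));
    return 0;
}
```

The application's only reachable memory is the window the OS opened for it; anything else, including peripherals that no region covers, faults when touched from unprivileged code.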

BOLOS implementation on the Ledger TEE application

The TEE application we recently released for Android phones featuring a Trustonic TEE is based on a different but somewhat similar concept. After all, TEEs offer an advanced version of this isolation mechanism, so let’s consider them as a black box that we don’t have access to but that provides a similar set of functionalities.

When dealing with this black box model, we provide isolation through a virtual CPU, reusing the Moxie architecture designed by Anthony Green and already experimented with for Bitcoin use cases by Jeff Garzik. This lets us implement advanced Smart Contract applications with a minimal performance hit, considering that TrustZone-enabled CPUs are significantly more powerful than a regular smartcard.

The same architecture is also used to support BOLOS on HSMs.

BOLOS modules

BOLOS is organized as a set of simple building blocks to build your applications:

An Input/Output block to communicate with the outside world and third party peripherals

A cryptographic block implementing low level cryptographic primitives

A storage block for on device storage, when available

A wrapping block for external device storage, permitting you to securely tie data to the running BOLOS application

An endorsement block providing BOLOS application proof of execution

A User Interface block for user presence and confirmation

For more information, you can refer to our Doxygen page: https://ledgerhq.github.io/bolos-tee/

Our next article will describe how to build and run your very first BOLOS application on the TEE and on Ledger Blue.

The TEE application is available right now on the Play Store. To use it for development purposes, make sure to enter a secp256k1 uncompressed public key in the “Options” menu before purchasing the license.

The Ledger Blue will be available for developers in March.
